Zendesk hacked – Tumblr, Pinterest, Twitter user email addresses stolen

zendesk

Tumblr has sent out emails to its users notifying them of a security breach. However, the issue isn’t Tumblr’s system’s fault, as the hack can be traced back to Zendesk, the email and contact support client that Tumblr and a handful of other social applications use.  Pinterest and Twitter are also suffering at the Zendesk security failure. 

The security vulnerability has been patched up already, Zendesk wrote in a blog post. But the damage has been done already: The hacker downloaded the email addresses of people who emailed Twitter, Tumblr, and Pinterest support. The only silver lining is that users’ passwords are safe and sound.

If you’re a Tumblr user and ever contacted its support team via email in the past 2.5 years since Tumblr has been using Zendesk Tumblr says that there’s a good chance that you’ve been affected. These are the warning words Tumblr had for users. 

“This (security breach) has potentially exposed records of subject lines and, in some cases, email addresses of messages sent to Tumblr Support. While much of this information is innocuous, please take some time today to consider the following:

The subject lines of your emails to Tumblr Support may have included the address of your blog which could potentially allow your blog to be unwillingly associated with your email address.

Any other information included in the subject lines of emails you’ve sent to Tumblr Support may be exposed. We recommend you review any correspondence you’ve addressed to support@tumblr.com, abuse@tumblr.com, dmca@tumblr.com, legal@tumblr.com, enquiries@tumblr.com, or lawenforcement@tumblr.com.

Tumblr will never ask you for your password by email. Emails are easy to fake, and you should be suspicious of unexpected emails you receive.”

The last point is critical. Phishing is a common attack conducted via email to dupe recipients into clicking on malicious links, opening up tainted attachments, or asking them to divulge personal information. Now any emails you might receive that look similar to a Tumblr address but seem suspicious for whatever reasons should be approached with serious caution. The email that Pinterest and Twitter has sent out also reaffirms that its users shouldn’t divulge their account information, especially passwords.

Fortunately for Twitter, the social network is using DMARC, Domain-based Message Authentication, so that email providers including AOL, Gmail, Outlook, and Yahoo! Mail, can flag and delete any emails that are trying to mimic a company’s real email address. So if you’ve emailed Twitter support before, the hacker probably has access to your email address, but with DMARC in place, any efforts to contact and phish for your information should be curbed. Let’s just hope that Tumblr and Pinterest follow suit.

Computing

Data breach compromises 773 million records, 21 million passwords

A security researcher was alerted to a collection of breached data that included more than 773 million compromised records. After digging deeper, the breach was revealed to contain more than 21 million passwords.
Mobile

Having trouble logging in? Here’s how to reset your Apple ID password

To use any of Apple's services, you need to have an Apple ID and know your password. Thankfully, there are ways to deal with forgotten passwords and regain access to your account. Here's how to reset your Apple ID password.
Computing

Hackers are scoring with ransomware that attacks its previous victims

Computer viruses are always evolving. In a new one, dubbed "Ryuk," hackers are targeting PCs with ransomware that scours an infected network in order to pinpoint and attack and enterprises with big money.
Computing

Reluctant to give your email address away? Here's how to make a disposable one

Want to sign up for a service without the risk of flooding your inbox with copious amounts of spam and unwanted email? You might want to consider using disposable email addresses via one of these handy services.
Computing

Make a GIF of your favorite YouTube video with these great tools

Making a GIF from a YouTube video is easier today than ever, but choosing the right tool for the job isn't always so simple. In this guide, we'll teach you how to make a GIF from a YouTube video with our two favorite online tools.
Photography

Photoshop fail gives Aussie leader two left feet in official portrait

The Aussie prime minister doesn't have two left feet, despite an official photograph of the leader and his family suggesting otherwise. It was, of course, a Photoshop fail, and the embarrassing snafu was soon trending on Twitter.
Social Media

Instagram now lets you post to multiple accounts in one tap

Instagram for iPhone now lets you post to multiple accounts at the same time. It's not the regram feature that many users have been asking for, but it could prove useful for some users who manage more than one profile.
Social Media

No yolk! A photo of an egg has become the most-liked post on Instagram

Until this weekend, the most-liked post on Instagram was of Kylie Jenner's baby daughter, which has around 18 million likes. It's now been knocked off the top spot not by a stunning sunset or even a cute cat, but by an egg.
Social Media

Invite your friends — Facebook Events can now be shared to Stories

Facebook is testing a way to make plans with friends to attend an event -- through Stories. By sharing an event in Facebook Stories, users can message other friends interested in the event to make plans to attend together.
Social Media

A quick swipe will soon let you keep bingeing YouTube on mobile devices

The YouTube mobile app has a new, faster way to browse: Swiping. Once the update rolls out, users can swipe to go to the next (or previous) video in the recommended list, even while viewing in full screen.
Web

Switch up your Reddit routine with these interesting, inspiring, and zany subs

So you've just joined the wonderful world of Reddit and want to explore it. With so many subreddits, however, navigating the "front page of the internet" can be daunting. Here are some of the best subreddits to get you started.
Photography

Starting your very own vlog? Here are the best cameras to buy

Any camera that shoots video can be used to vlog, but a few models stand out from the crowd thanks to superior image quality, ergonomics, and usability. When it comes to putting your life on YouTube, here are the best cameras for the job.
Social Media

Twitter extends its new timeline feature to Android users

Twitter users with an Android device can now quickly switch between an algorithm-generated timeline and one that shows the most recent tweets first. The new feature landed for iPhone users last month.